]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7aab223)
man: don't place nginx socket in /tmp (#8757)
authorLennart Poettering <lennart@poettering.net>
Wed, 18 Apr 2018 16:50:06 +0000 (18:50 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 18 Apr 2018 16:50:06 +0000 (18:50 +0200)
First of all, it's frickin' ugly and wrong, as IPC sockets should be
placed in /run and definitely not under a guessable name under
world-writable /tmp. Secondly, it can't even work as we set
PrivateTmp=yes on the service.

Hence, let's clean up the example, and simply use a socket in /run
instead.

Fixes: #8419
man/systemd-socket-proxyd.xml patch | blob | blame | history

diff --git a/man/systemd-socket-proxyd.xml b/man/systemd-socket-proxyd.xml
index ced509daabcd846986bfd1188cad2ba0c3e2ff0e..68baccae30b9f1a0720837ac8ced2b74924f0e82 100644 (file)
--- a/man/systemd-socket-proxyd.xml
+++ b/man/systemd-socket-proxyd.xml
@@ -111,7 +111,7 @@ Requires=proxy-to-nginx.socket
 After=proxy-to-nginx.socket
 
 [Service]
-ExecStart=/usr/lib/systemd/systemd-socket-proxyd /tmp/nginx.sock
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd /run/nginx/socket
 PrivateTmp=yes
 PrivateNetwork=yes]]></programlisting>
       </example>
@@ -120,7 +120,7 @@ PrivateNetwork=yes]]></programlisting>
         <programlisting>
 <![CDATA[[…]
 server {
-    listen       unix:/tmp/nginx.sock;
+    listen       unix:/run/nginx/socket;
     […]]]>
 </programlisting>
       </example>
Unnamed repository; edit this file 'description' to name the repository.